Intro to Salesforce Commerce Cloud (Demandware)

This article is an introduction to SFCC, right from “why” it exists, “what” it is & “how” it works. It’s aimed at anyone aspiring to be an SFCC developer. This is the first in a series of articles that explore SFCC from a technical perspective.

WHY SFCC Exists:

In the good ol’ days, when a business wanted to sell its products online, the obvious way to go, was to set up a website & showcase all products. Maintaining this website entailed a lot of challenges:

● Refreshing the product catalog periodically, as the business adds or removes products.

● Maintaining product pricing in a way that allows for easy updates in response to market forces.

(This gets especially tricky if the website deals in multiple currencies.)

● Keeping the product inventory up-to-date, especially for fast moving stock.

● Offering discounts on products or to specific customers.

● Running site-wide sales, seasonal promotions or other marketing campaigns.

● Integration with payment gateways.

● Managing customer data & ongoing compliance with regional user data protection policies.

● Order management & order processing, including payment modes, EMIs, order export to warehouses, etc.

● Integration with social networks for marketing campaigns.

● Support for user ratings & reviews.

● Providing customer service.

● Integration with brick-and-mortar stores - buy online & pick-up from store.

Clearly, these activities are far from trivial & require an army of developers, testers, analysts, marketers, etc., to keep the site up & running. As the e-commerce industry matured, numerous toolkits & frameworks emerged to facilitate these tasks. SFCC is one of them. But SFCC took this to the next step by not only providing a comprehensive e-commerce solution, but even taking the entire infra to the cloud, hence the name “commerce cloud”.

WHAT is SFCC:

SFCC is an e-commerce solution. What that means is that SFCC provides tools, framework & infra that you can leverage, to build an e-commerce website from the ground up. Not just that, since SFCC is a cloud hosted solution, it’ll even host your website for you, so you don’t have to pay for & maintain expensive hardware onsite.

A website hosted on SFCC is composed of two parts: data & code. The data is primarily comprised of the products, the categories that the products are grouped into, the catalogs that the categories are assigned to, the price books that maintain product pricing, the product inventory records & the marketing campaigns & product promotions. The code is the JavaScript code that presents all data on the site.

HOW SFCC Works:

Once you have an SFCC account, you get access to several resources on the SFCC cloud. One of these resources is a collection of “instances”. Think of an instance as a cloud hosted VM that hosts your site.

Instances are of four types:

● The production instance hosts your production site. This is the live site that’s accessed by your customers from all over the world.

● The staging instance is where merchandisers create & manage site data: products, pricing, inventory, campaigns, etc.

● The development instance is where QAs test a new feature or a defect fix, before it’s deployed on production.

● Sandboxes are where developers write code & test it, before being sent for QA. Each developer gets a sandbox.

Each instance gets a copy of the website. This website in SFCC terminology is called a “storefront”. There is only one instance of types Production, Staging & Development each. However, there can be many instances of the Sandbox type.

Conclusion:

All in all, SFCC is a pretty neat solution for your e-commerce needs. Their shared revenue model makes it especially attractive to many small businesses. In many ways, it has earned its well-deserved title of being the world’s #1 enterprise cloud commerce platform.

About Author:

K. M. Harish is a consultant in Systems Plus Pvt. Ltd. Within Systems Plus, he actively contributes to the areas of Technology and Information Security. He can be contacted at:  harish.km@spluspl.com

The Blockchain Story

So many cases of NPA’s (Non-Performing Assets) are popping up in India. Powerful people takes loan from multiple banks and run away before the scrutiny happens. 

Typical modus operandi in such cases is as follows.

Mr. X takes a huge loan of hundreds of crores of rupees from “A” Bank, and takes another loan from “B” Bank while hiding about the first Loan, or by paying huge bribes to hide such details. He gets two big loans, runs away to foreign nations and enjoy ever after. One fine day this scam surfaced while audit from The Regulatory body happened. This scenario reminds us about now very infamous Mr X’s of recent times.

Same story with a twist of Blockchain network in place.

Now suppose the government brings all Lender Banks and Regulatory bodies on a single Blockchain network. Some Mr. Y takes a loan of hundreds of crores of rupees from “A” Bank, once his application got approved all the participants of the network will have a copy of this approval. 

Mr. Y goes to “B” Bank and tries to take another loan while hiding details of previous loan from “A” Bank. The “B” Bank can check his loan history on Blockchain and can reject. If they still lends him by taking some favors, which is near to impossible ( thanks to immutable nature of transactions on Blockchain). Then once they approve auditor/ Regulatory body can immediately identify and take stringent action against “B” Bank and Mr. Y, well before them leaving to safe heavens.

Good News is now India has it’s own Government Live Blockchain network currently for MSME sector. Below Excerpt taken from news publish on 5/Apr/2018

https://www.sdxcentral.com/articles/news/indian-lending-exchange-runs-hyperledger-fabric-production/2018/04/

“A trio of Indian government-sanctioned companies built a blockchain network to ensure that if a borrower obtains a loan via one of them, the other two will be notified to avoid duplicate lending. It’s part of an exchange platform they created to bring lenders together with borrowers. The group built their blockchain network using the Linux Foundation’s open source Hyperledger Fabric.”

“The financial exchange system provides a common platform not controlled by any one financial institution to share information, which reduces fraud. The Reserve Bank of India licensed the three private companies to create the platform to facilitate small business loans. The three exchanges are RXIL, A.TReDS, and M1xhange. These exchanges count some of the biggest Indian banks and a number of foreign banks as funding sources. The companies hired MonetaGo to help them build the blockchain element of the platform.”

https://www.thehindubusinessline.com/money-and-banking/indias-first-blockchain-implementation-goes-live/article23422835.ece

With enough of stories, now let's begin the journey of Blockchain.

What is a Blockchain?

In simple terms, it’s a chain of blocks comprising of transactions which can be used to know the complete history of an asset. An asset could be anything from currency to land deeds, personal details, shipment details, product details (it can vary as per the context and industry). Each block will have a hash-code of previous block, hence forms a chain. Only the participating organizations/ people can access this network. Data immutability (once written can’t be changed) and non repudiation (assurance that someone cannot deny something ) makes it more secure and trustworthy.

To write a transaction on such a network, the writer node would be decided based on certain consensus mechanism. In case of Bitcoin, nodes have to solve a mathematical puzzle. Whichever node solves it first, gets a chance to write the transaction on the blockchain network. Also would get certain monetary rewards. This way data becomes more trustworthy and reduces chances of any sort of corruption.

Every block is having a header, content and footer. 

Header part is having the hash-code of previous block, in case of first block this part is having hash-code of Genesis block.

Content part is having the actual payload, or can have a hash-code of root of the underlying Merkle tree.

Footer part is having the calculated hash-code of the complete block ( including the hash-code of previous block ).

Note: Here the #456 is calculated by taking account of #123 + Trx1+Trx2... Etc.

Now if someone updates a single bit of content in any of the previous block, hash-codes of all the block from that block till the latest blocks will be recalculated, and anyone can tell where the modification happened.

Why so much hype?

The major threat to any asset is breach of it’s secrecy, and once compromised, can create havoc. To stop such incidents companies expand huge amount in data security. But in most common industry scenario, all data is stored on some central repository. Hence once compromised makes it very hard to retain. Also auditing such a repository is an expensive task in terms of time & money. 

With advent of Blockchain, the data is stored on participating nodes which can be geographically far away. If one tries to hack such a system they have to simultaneously attack all the nodes in the shortest time frame. Hence makes it near to impossible to attack or to modify. In case of any natural calamity, the data can be restored from any other nodes geographically apart. Hence save hours and hours of data restoration.

The Technology

Distributed Ledger Technology ( DLT ) is in the core of blockchain. Instead of storing data (Ledger - record of transactions) centrally and securing it with firewall and other measures. With DLT the network nodes takes the responsibility of storing latest copy of the data ( Ledger ) in encrypted form. 

The data is stored and synced based on the consensus algorithm. This algorithm first checks for the hash’s of all the previous blocks and then finds the node with the access to write transaction on Blockchain.

These networks are governed by certain contract which all parties have agreed upon while joining the network. This contract is known as smart-contract ( on Ethereum ) or chaincode ( on Hyperledger-Fabric). One such example could be a smart-contract among all banks and Regulatory body, to disallow all Mr X or Y from taking multiple loans. 

Types of Blockchain networks

• Public : public blockchain network is an open network where anyone with an Internet connection can participate.           

                  Example Bitcoin, Ethereum. 

• Private : Private network where only authenticated people or organizations can participate. All the participants have access to ledger.

                  Example Hyperledger Fabric, Sawtooth 

• Permissioned : Private network with permissioned access. This network will have permission rules defined, and the dedicated nodes are commissioned as “MSP” Membership Service Providers, “Endorsers” and “Orderers”.

                  Example Multichain, Hyperledger Fabric, Hyperledger Sawtooth.

Pros & Cons

As with every technology, the pros and cons are inevitable and can only be covered with enhancements. The Blockchain also have some, as mentioned below: 

Pros:

• Reconciliation happens in real time automatically 
• Regulators can participate in the Blockchain as a read Node, and can have an eye on any wrong doings in real time. 
• Immutability
• Disaster recovery is fast in BC

Cons:

• Slow in writing Transactions as compared to existing systems. 
• Secrecy/ confidentiality is hard to maintain (only applicable for public Blockchain ).

Conclusion: 

Before going to replace your existing architecture with Blockchain you have to ask certain questions to yourself. 

Whether

• ... multiple parties (org ) are involved?
• ... assets can be shared on such network?
• ... You are comfortable on relying on trusted third parties?
• ... Benefits of switching outweighs the cost?

If the answer to any of these questions is NO, one should reconsider before going with Blockchain Implementation. 

Finally, blockchain as a technology is way more disruptive, Than Internet was in 90’s. Yet it’s not the solution for all the problems of universe. One need to thoroughly asses his/her business areas which can be benefited from it.

About Author:

Neeraj Paliwal is a consultant in Systems Plus Pvt. Ltd. Within Systems Plus, he actively contributes to the areas of Technology and Information Security. He can be contacted at: neeraj.paliwal@spluspl.com